storage: Add fcontexts for NVMe disks

NVMe has several dev nodes for each device: /dev/nvme0 is a char device for communicating with the controller /dev/nvme0n1 is the block device that stores the data. /dev/nvme0n1p1 is the first partition
2017-12-14 02:15:36 +08:00 · 2017-12-14 02:15:36 +08:00 · 7757827de9
commit 7757827de9
parent d29486d4cf
1 changed files with 2 additions and 0 deletions
--- a/policy/modules/kernel/storage.fc
+++ b/policy/modules/kernel/storage.fc
@ -33,6 +33,8 @@
 /dev/mspblk.*		-b	gen_context(system_u:object_r:removable_device_t,s0)
 /dev/mtd.*		-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
 /dev/nb[^/]+		-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
+/dev/nvme[0-9]+		-c	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
+/dev/nvme[0-9]n[^/]+	-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
 /dev/optcd		-b	gen_context(system_u:object_r:removable_device_t,s0)
 /dev/p[fg][0-3]		-b	gen_context(system_u:object_r:removable_device_t,s0)
 /dev/pcd[0-3]		-b	gen_context(system_u:object_r:removable_device_t,s0)